OSPF default routes adwertised by two routers.

Unanswered Question
Aug 24th, 2008
User Badges:

Hello.

I have thre routers:

R1 - RID 192.168.10.1

R2 - RID 192.168.10.2

R3 - RID 192.168.10.1


they are connected in one brodcast network.


the R2 and R3 are routers connected to internet.

I want to R3 and R2 advertise default route by OSPF and R1 recive both default routes and change metric in one of them to one route be primary default route and

second be backup default route (it is needed because i want to place statefull firewall beetwen the routers).


I do the folowing configuration on router

R3 and R2:


R3:

interface Loopback0

ip address 192.168.11.1 255.255.255.0

interface FastEthernet0

ip address 192.168.10.3 255.255.255.0

speed auto

router ospf 100

log-adjacency-changes

network 192.168.10.0 0.0.0.255 area 0

network 192.168.11.0 0.0.0.255 area 0

default-information originate always metric-type 1

!

ip classless

ip route 0.0.0.0 0.0.0.0 Serial0 permanent




R2:

interface FastEthernet0

ip address 192.168.10.2 255.255.255.0

speed auto

router ospf 100

log-adjacency-changes

network 192.168.10.0 0.0.0.255 area 0

default-information originate always metric-type 1

!

ip forward-protocol nd

ip route 0.0.0.0 0.0.0.0 Serial0 permanent


AND on R1 is the folowing configuration:.

interface Ethernet0

ip address 10.0.0.1 255.255.255.0

half-duplex

!

interface FastEthernet0

ip address 192.168.10.1 255.255.255.0

speed auto

router ospf 100

router-id 192.168.10.1

log-adjacency-changes detail

network 192.168.10.0 0.0.0.255 area 0

distribute-list route-map ddd in


ip prefix-list defroute seq 10 permit 0.0.0.0/0

access-list 1 permit any

access-list 10 permit 192.168.10.3 log

access-list 20 permit 192.168.10.2


route-map ddd permit 10

match ip route-source 10

set metric 10

!

route-map ddd permit 20

match ip address 1

match ip route-source 20


The problem is that the configuration made on R1 is not working - metric do not change.


sh ip route on R1 display folowing output:

C 192.168.10.0/24 is directly connected, FastEthernet0

192.168.11.0/32 is subnetted, 1 subnets

O 192.168.11.1 [110/2] via 192.168.10.3, 00:00:25, FastEthernet0

O*E1 0.0.0.0/0 [110/2] via 192.168.10.3, 00:00:25, FastEthernet0

[110/2] via 192.168.10.2, 00:00:25, FastEthernet0


Can somebody help me, where i made mistake ?


Thanks for help.






  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Richard Burts Sun, 08/24/2008 - 10:34
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Wociech


OSPF as a link state protocol must draw a logical and accurate map of the network topology and from that map will calculate the routes. I do not believe that OSPF gives you the ability to manipulate the metric in the same way that some other protocols do. I believe that the set metric that you use in the route map could be effective for some other protocols but not for OSPF.


HTH


Rick

Harold Ritter Sun, 08/24/2008 - 17:56
User Badges:
  • Cisco Employee,

Wociech,


One way to achieve what you want to do is to originate the default with as an E1 on the primary side and leave the secondary as an E2 (which is the default). R1 will naturally use the route to the primary as the E1 is preferred over the E2.


Regards,

Giuseppe Larosa Mon, 08/25/2008 - 00:12
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

Hello Wociech,


on R2

router ospf 100

default-information originate always metric-type 1 metric 50


in this way you will have an higher seed metric for the 0.0.0.0/0 or R2.


remove all the stuff on R1 because it is wrong in theory because OSPF is link state you cannot change an LSA attribute like metric on another router: LSA is owned by the originator and is propagated unchanged on all the OSPF domain (in the case of LSA type 5 as the default route).

Only the LSA owner can send a new version of the LSA with a different field like a different metric value.


Hope to help

Giuseppe

Richard Burts Mon, 08/25/2008 - 04:34
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Wociech


In my response I focused on your question about what you can do on R1 to prefer one of the default routes and the fact that R1 can not really do that. The excellent suggestions from Harold and from Guiseppe look past that and suggest ways to achieve what you want by doing things on R2 or R3. Their suggestions should provide an effective solution to your requirements.


HTH


Rick

cyberrmen Fri, 08/29/2008 - 02:08
User Badges:

The problem is not to R1 get two default routes with difrent piority. The problem is how to do that on R1.


Ok whole the problem is that i have two difrent locations far away from each other.


In one location is R2 > statefull firewall > R1


In second location is R3 > statefull firewall > R4

R2,R3 - have connection to internet.

R1 and R4 are dmz routers. DMZ have public addreses.


DMZ must be the same l2/l3 segment i in both locations.


I have first l2 connections - segment betwen R2 and firewall in location 1 is connected witch segment between R3 and wirewall in location 2.

I have second l2 connections - segment betwen R1 and firewall in location 1 is connected witch segment between R4 and wirewall in location 2.

The problem is how to configure traffic that if communication will be sent to one firewall then the return traffic will be send to this same firewall. (without emploing any nat). And maintain redundancy in case of failure of one firewall or failure one of routers R2 or R3.

Of course it is not posible to build cluster form firewals in location 1 and location 2 but they support ospf.


In IOS decumentation it is writen that metric command is suported for OSPF. I have seen the same working excamples on cisco.com that my, only difrence was that it was for the normal routes not for default which is external in meening of ospf. (but i see that it is not working with normal route too in my case).


Mayby i am missing something.





Actions

This Discussion